Hashcat Per Position Markov Chains – blog.spiderlabs.com
The Markov model is a mathematical system that has had numerous uses and variations since it’s inception over a hundred years ago. Most notable, in terms of computer science, is probably its use in voice recognition systems and telephony networks.

OWASP iOS Developer Cheat Sheet – owasp.blogspot.com
There’s a new cheat sheet available in the OWASP cheat sheet series. This one is aimed at iOS app developers, and is available here.

10 Techniques for Blindly Mapping Internal Networks – netspi.com
Occasionally clients require that all network and system discovery is done completely blind during internal pentests (meaning no IP addresses are provided). I know that a lot of people have been exposed to ping and port scan discovery techniques, but on large networks those methods alone can be pretty time consuming. So in this blog I thought I would provide some time saving options that can be used in conjunction with the traditional methods. This blog should be interesting to network administrators, security professionals, and anyone else who wants to learn a few more ways to blindly discover live subnets and systems.

How to Break Into Security, Bejtlich Edition – krebsonsecurity.com
For this fourth installment of advice columns aimed at people who are interested in learning more about security as a craft or profession, I reached out to Richard Bejtlich, a prominent security blogger who last year moved from a job as director of incident response at General Electric to chief security officer at security forensics firm Mandiant.

Pentesting like an Eastern European – blog.spiderlabs.com
Through SpiderLabs’ Incident Response and Penetration Testing services we get a chance to both examine ‘bad actor’ techniques in the field and help our clients see how their security controls will stand up to them.

Metasploit Generic NTLM Relay Module – webstersprodigy.net
NTLM auth blobs contain the keys to the kingdom in most domain environments, and relaying these credentials is one of the most misunderstood and deadly attacks in a hacker’s corporate arsenal. Even for smart defenders it’s almost like a belief system; some people believe mixed mode IIS auth saves them, NTLMv2 is not exploitable, enabling the IIS extended protection setting is all you need, it was patched with MS08-068, you have to be in the middle, you have to visit a website, you have to be an administrator for the attack to matter, etc. etc.

Incognito v2.0 Released – labs.mwrinfosecurity.com
It has been a very long time since I first worked on and released incognito. One of my original design goals was to make it reliable by ensuring it operated entirely using legitimate API calls so as to let Microsoft do the hard work of making it work and ensuring its correct operation with future service packs and operating system versions.

New Open Source Tool: Audit Parser – blog.mandiant.com
Mandiant RedlineTM and IOC Finder TM collect and parse a huge body of evidence from a running system. In fact, they’re based on the same agent software as our flagship Mandiant Intelligent Response® product. During the course of their “audits”, these tools conduct comprehensive analysis of the file system (including hashing, time stamps, parsing of PE file structures, and digital signature checks), registry hives, processes in memory, event logs, active network connections,DNS cache contents,web browser history, system restore points, scheduled tasks, prefetch entries, persistence mechanisms, and much more.

Vendor/Software Patches

Updated Impacket/Pcapy installers for Python 2.5, 2.6 & 2.7 – breakingcode.wordpress.com
Hi folks! In a previous post I talked about using Impacket and Pcapy on Python 2.6. Since those installers are now out of date, here are fresh ones for various versions of Pcapy and Python, built against WinPcap 4.1.2. There’s also a new Impacket MSI installer that works against all Python versions.

Safe Browsing – Protecting Web Users for 5 Years and Counting – googleonlinesecurity.blogspot.com
It’s been five years since we officially announced malware and phishing protection via our Safe Browsing effort. The goal of Safe Browsing is still the same today as it was five years ago: to protect people from malicious content on the Internet. Today, this protection extends not only to Google’s search results and ads, but also to popular web browsers such as Chrome, Firefox and Safari.

{Quick Post} Mail headers – blog.c22.cc
Following an email to a unnamed company, threw up a couple of interesting facts that companies should really be aware of. Information disclosure is always present, but email headers and failure notices are a goldmine of information if you take the time to dig into them.

Other News

More Password Hashes to Crack

More Password Hashes to Crack – The Oil Company Edition – novainfosecportal.com
Nothing super large but @digitalsec4u pointed out some recent postings on Pastebin by Anonymous with a good possible supply of hashes you may want to test your cracking skillz against. In an apparent attempt to #SaveTheArtic the data includes emails and passwords from various oil companies including Exxon Mobil, Shell, BP, Gazprom, and Rosneft.

More Password Hashes to Crack … from Wall Street IT Recruiter – novainfosecportal.com
As reported on CIO.com’s “Hacker Claims Breach of 50,000 Accounts From Wall Street IT Recruiting Firm” article (originally from ComputerWorld.com), it looks like hashes from ITWallStreet.com may have been released into the wild for all you amateur password crackers out there.

68,000 Password Hashes from Fish Enthusiast Forum – novainfosecportal.com
Ahhh … YAPHB (yet another password hash breach)… this time on the Cichlids Forums. The site that we originally read this story on is CyberWarNews.info where they referenced some basic email address stats from OZDC.net (i.e., OZ Data Centa). This time around it was Yahoo! Mail that had the highest registrant count with almost 15K followed closely by Hotmail.

Apple

Apple tries to block iOS in-app purchase hack, fails – zdnet.com
Apple is working hard to fight the hacking of its In-App Purchase program for iOS. So far though, the company’s attempts have not deterred Russian developer Alexey Borodin who apparently wants Cupertino to fix the underlying problem rather than just trying to block his in-appstore.com service.

Apple Mac in-app purchases hacked; everything free like on iOS – zdnet.com
While Apple is working hard to fight the hacking of its In-App Purchase program for iOS, the same hacker has pulled off almost an almost identical scheme for the Mac. Just like on iOS, this means you can purchase in-app Mac content without actually paying.

Charlie Miller: ‘Difficult to write exploits’ for Android 4.1 – zdnet.com
Android 4.1 Jelly Bean is the most secure version yet. Android now fully implements Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP). Unfortunately, most Android users will never get to use Jelly Bean on their device.

The Man Who Hacked Hollywood – gq.com
They’ve become a part of the pop-culture landscape: sexy, private shots of celebrities (your Scarletts, your Milas) stolen from their phones and e-mail accounts. They’re also the center of an entire stealth industry. For the man recently arrested in the biggest case yet, hacking also gave him access to a trove of Hollywood’s seamiest secrets—who was sleeping together, who was closeted, who liked to sext. What the snoop didn’t realize was that he was being watched, too.

Nike hacker steals over $80,000 – zdnet.com
Brad Stephenson went on a five-month shopping spree after he found a loophole in one of Nike’s website. When the Secret Service caught up with him, he had stolen $81,419.58 in Nike merchandise.

Oracle won’t patch critical hole in Database – zdnet.com
A serious security flaw in Oracle Database 11g and 10g flagged by the company in April will not get a permanent fix as the work is too tricky, the company has said.

One Comment

[…] Is there a United States website to play online Roulette that accepts paypalRoulette BlogYou will find those …For Whom The Bell Tolls: A Year Into the PresentApple Mountain Lion expected to launch WednesdayWeek 29 in Review – 2012 […]

About Us

Infosec Events is dedicated to the growing information security industry. We strive to provide useful information and resources to those in the industry. Don't hesitate to contact us should you need anything.